Risky Business #739 -- ALPHV exit scams while Change Healthcare burns

PLUS: Intellexa and NSO both have an awful, no good week...
06 Mar 2024 » Risky Business

In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:

  • The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response
  • Predator spyware maker getting a stern sanctioning
  • A German military WebEx meeting gets snooped
  • Mem-corrpution is still king
  • And much, much more

In this week’s sponsor interview Patrick Gray speaks to Karl McGuinness, Okta’s chief architect, about some new security improvements they’ve built into their IDP.

Show notes

U.S. Air Force employee charged with giving classified information to woman he met on dating site
Ransomware attack on U.S. health care payment processor ‘most serious incident of its kind’
AlphV’s hit on Change Healthcare strikes a sour note for defenders | Cybersecurity Dive
Office of Public Affairs | Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice
Developing: AlphV allegedly scammed Change Healthcare and its own affiliate (1)
Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment | WIRED
Ciaran Martin on X: "“We have to find a way of making a ransom ban work” - me for @thetimes
US launches antitrust investigation into UnitedHealth, WSJ reports | Reuters
Brett Callow on X: "#Lockbit has de-listed Fulton County.
Predator spyware endures even after widespread exposure, analysis shows | CyberScoop
Predator spyware infrastructure taken down after exposure | CyberScoop
U.S. bans maker of spyware that targeted a senator's phone
Spyware maker NSO Group ordered to turn over Pegasus code in WhatsApp case
Whatsapp Inc vs NSO Group
Russia’s chief propagandist leaks intercepted German military Webex conversation
The White House's Oddly Specific, and Really Quite Good, Software Engineering Advice
A leaky database spilled 2FA codes for the world’s tech giants | TechCrunch
In ConnectWise attacks, Play and LockBit ransomware exploits developed quickly | Cybersecurity Dive
How to Secure the SaaS Apps of the Future | Okta Security